ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.
It was my understanding that incomplete/insufficient data (ie, sessions where a few packets were let through, but not enough for an app-id) would match the first allow rule with a service of any (or an allow rule with an app that happens to have the same default port). In his screenshot it seems they are matching a deny rule, which is weird -- although I could've been wrong in my thinking. Should they match a deny rule?
... View more